Network Security Features of HP-UX 11i v1 and 11i v2

TCP Wrapper: TCP Wrapper addresses the inherent security issues with inetd.sec by providing
built-in protection against host name and host address spoofing. It includes complete access control
with monitoring and logging of incoming network connections.
Applications
HP-UX Secure Shell (SSH): The HP implementation of the open source SSH application. SSH is
used to secure network-based command line utilities such as rlogin, remsh, rcp, and ftp.
HP Kerberos product suite: Includes Kerberos Server software, Kerberos Client software, GSS-API
libraries, PAM Kerberos, and Kerberized implementations of Internet services to build security into
applications. Kerberos is an industry standard protocol used to provide secure password-based
authentication over networks.
Secure Internet Services, including:
Secure Routing: HP-UX provides utilities and protocols that help to secure routing interfaces on
a network.
BIND 9.2: Includes DNS Security (DNSSec) and TSIG-based transaction security features.
inetD: Secures Internet Services with inetD
Sendmail version 8.11.1: Includes spam control using Message Submission Agent (MSA) and
LDAP-based routing.
WU-FTP 2.6.1: Includes full virtual host support and restricted access to ftp services.
LDAP-UX Integration: Includes LDAP-UX Client Services, LDAP-UX Client Administration
Tools, and the NIS/LDAP Gateway. LDAP-UX Integration works with an LDAP directory server
such as the Netscape Directory Server to let HP-UX systems use an LDAP directory as their source
for name service data and user authentication.
HP-UX Security Performance and Manageability
HP-UX provides manageable security together with excellent system and network performance. The key
component of secure system and network management is the directory server. The backbone of HP-UX
security is its cryptography.
Directory Server
The LDAP directory server is the backbone of secure network management. LDAP provides a common
network accessible repository for much of the data that is used by security components of HP-UX
systems and networks.
For example, you can create a single user entry with a password in a directory server. PAM, AAA, LDAP
Integration, and other applications can then use that user information.
For more details about the HP-UX directory server offering, see “Adaptive Security Using an LDAP
Directory” later in this paper.